Connecting decision makers to a dynamic network of information, people and ideas, Bloomberg quickly and accurately delivers business and financial information, news and insight around the world.
+1 212 318 2000
Europe, Middle East, & Africa
+44 20 7330 7500
+65 6212 1000
April 18 --Arts and crafts retailer Michaels Stores Inc. April 17 said it has discovered evidence confirming that its systems were affected by a data breach possibly affecting 2.6 million customer payment cards.
The company said in a statement that the breach also affected the systems of Michaels subsidiary Aaron Brothers Inc., possibly affecting approximately 400,000 payment cards used at its stores.
Michaels said that it has “identified and fully contained the incident, and the malware no longer presents a threat” to those shopping at its stores.
The confirmation of the breach by Michaels follows breaches disclosed over the past several months by major retailers Target Corp. and Neiman Marcus Group Ltd.
This isn't the first confirmed breach at Michaels. In May 2011, the company disclosed that fraudsters had replaced store personal identification number (PIN) entry terminals with modified PIN pads that could skim payment card data at stores in 20 states.
This past January, the company announced that it had learned of possible fraudulent activity on some payment cards that had been used at its stores and that it was investigating a possible security breach.
“After weeks of analysis, the Company discovered evidence confirming that systems of Michaels stores in the United States and its subsidiary, Aaron Brothers, were attacked by criminals using highly sophisticated malware that had not been encountered previously by either of the security firms,” Michaels said in an April 17 statement.
The systems affected by the latest breach contained payment card information such as card numbers and expiration dates, the company said. However, there is no evidence that other personal information of customers, such as names, addresses and PINs, was affected, it added.
Michaels said the attack targeted point-of-sale systems at some of its stores between May 8, 2013, and Jan. 27, 2014. The 2.6 million cards affected represent 7 percent of payment cards used at its stores during this time period, the company added.
The breach affected 54 Aaron Brothers stores between June 26, 2013, and Feb. 27, 2014, according to the Michaels statement.
There have been a “limited number of reports from the payment card brands and banks of fraudulent use” of the cards, Michaels said. The company said it is offering free identity protection, credit monitoring and fraud assistance services to affected customers for 12 months.
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to email@example.com.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).